A new hacking method is circulating, and it’s as clever as it is bothersome. According to recent reports, attackers are leveraging Chrome’s Kiosk Mode to force the browser into full-screen, effectively locking users out of their devices until they input their Google password. Unfortunately, once entered, your password is swiftly stolen.
A report from OALabs details this innovative attack vector for pilfering Google credentials, combining two distinct techniques. First, a malicious Windows program launches a fake Google login page in Chrome and activates Kiosk Mode. This feature presents a page in full-screen without allowing navigation to other applications—similar to what you’d encounter at a self-service kiosk. Even experienced users may struggle to bypass this, as certain inputs (like F11 to exit full-screen) are disabled.
The only action available on this phony page is to enter your Google login and password. After submission, a secondary program captures your credentials and sends them to a remote hacker. In the worst-case scenario, the hacker could change your password, locking you out of Gmail and any associated accounts, including third-party services using Google’s login system.
This nefarious tactic presents a one-two punch for identity thieves. While primarily targeting Chrome, the attack can also be executed on other browsers that implement Kiosk Mode similarly.
Savvy Windows users might find ways to evade the login prompt—using the classic Ctrl + Alt + Delete keyboard shortcut to access the Task Manager and terminate the browser, for instance. However, this direct and frustrating method may lead even seasoned PC users to input their Google passwords instinctively.
As always, exercise caution when downloading software and be vigilant about your sources. If you encounter an unexpected full-screen Google login page, your first action (after escaping) should be to run a comprehensive virus scan.